QuimaRAT is a cross-platform, Java-based remote access trojan sold as a malware-as-a-service subscription on the dark web. It targets Windows, macOS, and Linux systems by embedding JNA native libraries for multiple architectures within a JAR archive built for Java SE 8. The RAT decrypts an internal configuration file using repeating-key XOR, performs anti-analysis and virtualization checks, establishes persistence via OS-specific mechanisms, and maintains resilient C2 communication through HANDSHAKE and HEARTBEAT protocols. With 23 implemented commands and 212 protocol-only commands, the platform is highly extensible through runtime modules and fileless payloads.